All Jupiter Broadcasting Shows

We examine why it's so difficult to protect your privacy online and discuss browser fingerprinting, when to use a VPN, and the limits of private browsing. Plus Apple's blaring bluetooth beacons and Facebook's worrying plans for WhatsApp.

Distrohoppers delivers a distro that divides us, and we check out the video streaming and recording software OBS Studio. Plus a handy audio recorder that's as simple as it gets.Links:OBS Studio — Free and open source software for video recording and live streaming. SoundRecorder — A simple and modern sound recorderEndless OS — The operating system that comes with everything your family needs.

The complete keynote from Texas LinuxFest that inspired us to try harder. Thomas Cameron presents a keynote that everyone needs to hear. It's time to end the distro wars, invite everyone to the dance, and build the future. Cloud dude, Linux advocate, Open Source evangelist and current Amazonian, Thomas Cameron's keynote is a must listen.

OPNsense 19.7.1 is out, ZFS on Linux still has annoying issues with ARC size, Hammer2 is now default, NetBSD audio – an application perspective, new FreeNAS Mini, and more. Headlines OPNsense 19.7.1 We do not wish to keep you from enjoying your summer time, but this is a recommended security update enriched with reliability fixes for the new 19.7 series. Of special note are performance improvements as well as a fix for a longstanding NAT before IPsec limitation. Full patch notes: system: do not create automatic copies of existing gateways system: do not translate empty tunables descriptions system: remove unwanted form action tags system: do not include Syslog-ng in rc.freebsd handler system: fix manual system log stop/start/restart system: scoped IPv6 "%" could confuse mwexecf(), use plain mwexec() instead system: allow curl-based downloads to use both trusted and local authorities system: fix group privilege print and correctly redirect after edit system: use cached address list in referrer check system: fix Syslog-ng search stats firewall: HTML-escape dynamic entries to display aliases firewall: display correct IP version in automatic rules firewall: fix a warning while reading empty outbound rules configuration firewall: skip illegal log lines in live log interfaces: performance improvements for configurations with hundreds of interfaces reporting: performance improvements for Python 3 NetFlow aggregator rewrite dhcp: move advanced router advertisement options to correct config section ipsec: replace global array access with function to ensure side-effect free boot ipsec: change DPD action on start to "dpdaction = restart" ipsec: remove already default "dpdaction = none" if not set ipsec: use interface IP address in local ID when doing NAT before IPsec web proxy: fix database reset for Squid 4 by replacing use of ssl_crtd with security_file_certgen plugins: os-acme-client 1.24[1] plugins: os-bind 1.6[2] plugins: os-dnscrypt-proxy 1.5[3] plugins: os-frr now restricts characters BGP prefix-list and route-maps[4] plugins: os-google-cloud-sdk 1.0[5] ports: curl 7.65.3[6] ports: monit 5.26.0[7] ports: openssh 8.0p1[8] ports: php 7.2.20[9] ports: python 3.7.4[10] ports: sqlite 3.29.0[11] ports: squid 4.8[12] Stay safe and hydrated, Your OPNsense team ZFS on Linux still has annoying issues with ARC size One of the frustrating things about operating ZFS on Linux is that the ARC size is critical but ZFS's auto-tuning of it is opaque and apparently prone to malfunctions, where your ARC will mysteriously shrink drastically and then stick there. Linux's regular filesystem disk cache is very predictable; if you do disk IO, the cache will relentlessly grow to use all of your free memory. This sometimes disconcerts people when free reports that there's very little memory actually free, but at least you're getting value from your RAM. This is so reliable and regular that we generally don't think about 'is my system going to use all of my RAM as a disk cache', because the answer is always 'yes'. (The general filesystem cache is also called the page cache.) This is unfortunately not the case with the ZFS ARC in ZFS on Linux (and it wasn't necessarily the case even on Solaris). ZFS has both a current size and a 'target size' for the ARC (called 'c' in ZFS statistics). When your system boots this target size starts out as the maximum allowed size for the ARC, but various events afterward can cause it to be reduced (which obviously limits the size of your ARC, since that's its purpose). In practice, this reduction in the target size is both pretty sticky and rather mysterious (as ZFS on Linux doesn't currently expose enough statistics to tell why your ARC target size shrunk in any particular case). The net effect is that the ZFS ARC is not infrequently quite shy and hesitant about using memory, in stark contrast to Linux's normal filesystem cache. The default maximum ARC size starts out as only half of your RAM (unlike the regular filesystem cache, which will use all of it), and then it shrinks from there, sometimes very significantly, and once shrunk it only recovers slowly (if at all). News Roundup Hammer2 is now default commit a49112761c919d42d405ec10252eb0553662c824 Author: Matthew Dillon <dillon at apollo.backplane.com> Date: Mon Jun 10 17:53:46 2019 -0700 installer - Default to HAMMER2 * Change the installer default from HAMMER1 to HAMMER2. * Adjust the nrelease build to print the location of the image files when it finishes. Summary of changes: nrelease/Makefile | 2 +- usr.sbin/installer/dfuibe_installer/flow.c | 20 ++++++++++---------- 2 files changed, 11 insertions(+), 11 deletions(-) http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/a49112761c919d42d405ec10252eb0553662c824 NetBSD audio – an application perspective NetBSD audio – an application perspective ... or, "doing it natively, because we can" audio options for NetBSD in pkgsrc Use NetBSD native audio (sun audio/audioio.h) Or OSS emulation layer: Basically a wrapper around sun audio in the kernel. Incomplete and old version, but works for simple stuff Many many abstraction layers available: OpenAL-Soft alsa-lib (config file required) libao, GStreamer (plugins!) PortAudio, SDL PulseAudio, JACK ... lots more!? some obsolete stuff (esd, nas?) Advantages of using NetBSD audio directly Low latency, low CPU usage: Abstraction layers differ in latency (SDL2 vs ALSA/OpenAL) Query device information: Is /dev/audio1 a USB microphone or another sound card? Avoid bugs from excessive layering Nice API, well documented: [nia note: I had no idea how to write audio code. I read a man page and now I do.] Your code might work on illumos too [nia note: SDL2 seems very sensitive to the blk_ms sysctl being high or low, with other implementations there seems to be a less noticable difference. I don't know why.] New FreeNAS Mini Two new FreeNAS Mini systems join the very popular FreeNAS Mini and Mini XL: FreeNAS Mini XL+: This powerful 10 Bay platform (8x 3.5” and 1x 2.5” hot-swap, 1x 2.5” internal) includes the latest, compact server technology and provides dual 10GbE ports, 8 CPU cores and 32 GB RAM for high performance workgroups. The Mini XL+ scales beyond 100TB and is ideal for very demanding applications, including hosting virtual machines and multimedia editing. Starting at $1499, the Mini XL+ configured with cache SSD and 80 TB capacity is $4299, and consumes about 100 Watts. FreeNAS Mini E: This cost-effective 4 Bay platform provides the resources required for SOHO use with quad GbE ports and 8 GB of RAM. The Mini E is ideal for file sharing, streaming and transcoding video at 1080p. Starting at $749, the Mini E configured with 8 TB capacity is $999, and consumes about 36 Watts. Beastie Bits Welcome to NetBSD 9.99.1! Berkeley smorgasbord — part II dtracing postgres Project Trident 19.07-U1 now available Need a Secure Operating System? Take a Look at OpenBSD Feedback/Questions Jeff - OpenZFS Port Testing Feedback Malcolm - Best Practices for Custom Ports Michael - Little Correction Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv Your browser does not support the HTML5 video tag.

We put the Raspberry Pi 4 to the desktop test, and try it as our daily driver. Plus some neat and powerful uses for recent Pis, and our thoughts on Manjaro's change of heart.Special Guests: Alan Pope, Alex Kretzschmar, and Brent Gervais.Links:Millions of Books Are Secretly in the Public Domain. You Can Download Them Free — Prior to 1964, books had a 28-year copyright term. Extending it required authors or publishers to send in a separate form, and lots of people didn't end up doing that. Thanks to the efforts of the New York Public Library, many of those public domain books are now free online.About FreeOffice - it's not being installed by default - Announcements - Manjaro Linux Forum — Manjaro will not be installing FreeOffice by default. This isn't happening.Join the new Minimization Team - devel-announce - Fedora Mailing-Lists — I'm starting a Minimization Objective focusing on minimising the installation size of some of the popular apps, runtimes, and other pieces of software in Fedora.Google Engineers Get Windows Booting When Kexec'ed Under Linux - Phoronix — An interesting summer internship at Google has led to an experimental effort to get Microsoft Windows running via Kexec from Linux. The engineers involved have been implementing enough of the EFI Boot Services to be able to kexec Windows from Linux. Roy Hopkins on Twitter — That's a coincidence. Today I managed to boot Windows 10 directly from Linux on a real platform using a kernel module to emulate UEFI. I hate to say it but achieving ExitBootServices is only the beginning... LinuxBoot — LinuxBoot is a firmware for modern servers that replaces specific firmware functionality like the UEFI DXE phase with a Linux kernel and runtime. The 2019 SeaGL CFP is open for business! | Seattle GNU/Linux Conference — Calling all speakers or speakers-to-be! Our 2019 Call for Proposals is open! Chris Fisher on Instagram — Raspberry Pi 4 desktop kit unboxing Benchmarking the Raspberry Pi 4 - Gareth Halfacree — Although appearing similar at first glance, the new board is slightly larger thanks to ports extending further from the PCB for improved case compatibility, the Ethernet and USB ports have been switched around, the power input is now a USB Type-C connector, and the full-size HDMI output has been swapped out for not one but two micro-HDMI connectors. Chris' pi4 BenchmarksRpi4-sql Benchmarks - OpenBenchmarking.orgRPI4-CPU-PERF Benchmarks - OpenBenchmarking.orgHP 4000 Pro SFF Desktop Intel Core 2 Duo (E7500) 2.93GHz 4GB DDR3 250GB HDDInitial Raspberry Pi 4 Performance Benchmarks - Phoronixmotioneye — motionEye is a web frontend for the motion daemon, written in Python. Motion — Motion is a highly configurable program that monitors video signals from many types of cameras. CodiMD - Realtime collaborative markdown notes on all platforms. — CodiMD lets you collaborate in real-time with markdown. Built on HackMD source code, CodiMD lets you host and control your team's content with speed and ease. r-darwish/topgrade: Upgrade everything — Keeping your system up to date mostly involves invoking more than a single package manager. This usually results in big shell one-liners saved in your shell history. Topgrade tries to solve this problem by detecting which tools you use and run their appropriate package managers.

Chris finally gets excited about Docker just as Wes tells him it’s time to learn something new. Plus the state of browser extension development, the value of non-technical advice, and your feedback.Links:Feedback: good mic for voice recording? — I'm looking for a good mic for voice recording since I will be a guest on a podcast soon. Since you sound good in your shows, can you share what mics you are using? Amazon.com: Audio-Technica ATR2500-USB Cardioid Condenser USB Microphone: Musical Instruments — Side-address condenser microphone with USB output for easy connection to your computer.Google and Mozilla are failing to support browser extension developers · Armin Sebastian — We are witnessing the failure of browser vendors to recognize the value of our labor and the important role it plays in a healthy browser ecosystem. Half of all Google Chrome extensions have fewer than 16 installs — All in all, about 50% of all Chrome extensions have fewer than 16 installs, meaning that half of the Chrome extension ecosystem is actually more of a ghost town, according to a recent scan of the entire Chrome Web Store conducted by Extension Monitor.All the best engineering advice I stole from non-technical people — As I focus on becoming a better manager of engineers, I have been reflecting more and more on the advice that produced a 10X boost in my abilities at that same stage. More often than not the best advice, the things that stuck with me, came from people who had no background at all in software. Overview of Docker Compose | Docker Documentation — Compose is a tool for defining and running multi-container Docker applications. With Compose, you use a YAML file to configure your application’s services. Then, with a single command, you create and start all the services from your configuration. Podman — What is Podman? Podman is a daemonless container engine for developing, managing, and running OCI Containers on your Linux System. Containers can either be run as root or in rootless mode. Simply put: alias docker=podman.

We share stories from a time when computer storage was very precious, and the types of storage were still battling it out for the standard. Plus our proposals to do away with time zones, and a special guest helps give away some games.Special Guests: Brent Gervais and Jackie DeVore.Links:The radical plan to destroy time zones - The Washington Post — The plan was strikingly simple. Rather than try to regulate a variety of time zones all around the world, we should instead opt for something far easier: Let's destroy all these time zones and instead stick with one big "Universal Time." How India's single time zone is hurting its people - BBC News — The sun rises nearly two hours earlier in the east of India than in the far west. Critics of the single time zone have argued that India should move to two different standard times to make the best use of daylight in eastern India, where the sun rises and sets much earlier than the west. People in the east need to start using their lights earlier in the day and hence use more electricity. Sirens of Scream Podcast — Three lady geeks explore the dark side of comics, games, film and tv. The spooky and sinister, the gory and gross; nothing is off limits. SirensPodcast on TwitterTime Capsule For The Year 2957 Discovered at MIT — As we’ve seen time and again, most time capsules are incredibly boring. But MIT recently discovered a time capsule filled with some amazing materials from 1957 inside. It’s not supposed to be opened until the year 2957, and thankfully MIT is honoring that wish. A Moment in Time: Time capsule found during construction at MIT — Back in the early stages of construction for MIT.nano, members of the crew stumbled upon something that clearly didn't belong: A time capsule buried in 1957 as part of the dedication to the Compton Laboratories. Relic from last century | MIT News — During excavation for MIT.nano, the Department of Facilities unearthed an unexpected relic between buildings 12 and 26: a time capsule buried on June 5, 1957, to commemorate the opening of the Karl Taylor Compton Laboratories. A partially disassembled IBM 350 (RAMAC)Iomega Jaz (1996 – 2002) | Museum of Obsolete Media — Introduced by Iomega in 1996, the Jaz disk was a removable hard-disk storage system, that initially had a capacity of 1 GB (a 2 GB version was released in 1998). Jaz drive - Wikipedia — Following the success of the Iomega Zip drive, which stored data on removable magnetic cartridges with 100MB nominal capacity, the company developed and released the Jaz drive. Initially the drive featured 1GB capacity per removable disk; this was increased to 2GB in 1998. MiniDisc - Wikipedia — MiniDisc (MD) is a magneto-optical disc-based data storage format offering a capacity of 60, 74 minutes and, later, 80 minutes, of digitized audio or 1 gigabyte of Hi-MD data. Sony brand audio players were on the market in September 1992. PocketZip - Wikipedia — It was known as the "Clik!" drive until the click of death class action lawsuit regarding mass failures of Iomega's Zip drives. Thenceforth, it was renamed to PocketZip.Music | AKAW! — Intro: Bird Brain Outro: El Guapo

Manjaro's news starts us off and leads us into a bigger philosophical question about open source development. Plus Gnome and KDE come together at the Linux App Summit, Mozilla's update on DNS-over-HTTPS, and the case for the VR desktop.Links:Manjaro to ship FreeOffice by default — We will ship FreeOffice by default. This is possible since we partnered up with Softmaker. Enjoy the best compatibility to MS Office.Manjaro backtracks — Manjaro will not be installing FreeOffice by default.GNOME and KDE to co-host the Linux App Summit in November — The GNOME Foundation and KDE e.V. are proud to announce Linux App Summit 2019. The Linux App Summit will be held in Barcelona from November 12th to 15th, 2019. An update on Android for search providers in Europe — Next year, we'll introduce a new way for Android users to select a search provider to power a search box on their home screen and as the default in Chrome (if installed). Google will use a first-price sealed-bid auctionDNS-over-HTTPS (DoH) Update — We want to understand how often users of Firefox are subject to these network configurations.Contract for the Web is becoming a reality — Berners-Lee has called it many things since he announced it at the 2018 Web Summit: a contract, a “magna carta” and a Bill of Rights. Browser vendors win war with W3C over HTML and DOM standardsSolidMoving the Linux desktop to another reality — Today, we are very excited to announce a new open source project which enables interaction with traditional desktop environments, such as GNOME and KDE, in VR.

It's another #AskError special! Sleep tech, missing apps on Linux, a deep question, and much more. 00:00:36 What sleep tech do you use? 00:07:59 What’s the first thing you’d do if you won the lottery? 00:13:30 What one application is completely missing on Linux? 00:17:15 Do you ever use default folders like documents, pictures, music etc? 00:25:47 What’s in your conference bag? 00:29:38 What is love?

DragonFlyBSD Project Update - colo upgrade, future trends, resuming ZFS send, realtime bandwidth terminal graph visualization, fixing telnet fixes, a chapter from the FBI’s history with OpenBSD and an OpenSSH vuln, and more. Headlines DragonFlyBSD Project Update - colo upgrade, future trends For the last week I've been testing out a replacement for Monster, our 48-core opteron server. The project will be removing Monster from the colo in a week or two and replacing it with three machines which together will use half the power that Monster did alone. The goal is to clear out a little power budget in the colo and to really beef-up our package-building capabilities to reduce the turn-around time needed to test ports syncs and updates to the binary package system. Currently we use two blades to do most of the building, plus monster sometimes. The blades take almost a week (120 hours+) to do a full synth run and monster takes around 27.5 hours. But we need to do three bulk builds more or less at the same time... one for the release branch, one for the development branch, and one for staging updates. It just takes too long and its been gnawing at me for a little while. Well, Zen 2 to the rescue! These new CPUs can take ECC, there's actually an IPMI mobo available, and they are fast as hell and cheap for what we get. The new machines will be two 3900X based servers, plus a dual-xeon system that I already had at home. The 3900X's can each do a full synth run in 24.5 hours and the Xeon can do it in around 31 hours. Monster will be retired. And the crazy thing about this? Monster burns 1000W going full bore. Each of the 3900X servers burns 160W and the Xeon burns 200W. In otherwords, we are replacing 1000W with only 520W and getting roughly 6x the performance efficiency in the upgrade. This tell you just how much more power-efficient machines have become in the last 9 years or so. > This upgrade will allow us to do full builds for both release and dev in roughly one day instead of seven days, and do it without interfering with staging work that might be happening at the same time. Future trends - DragonFlyBSD has reached a bit of a cross-roads. With most of the SMP work now essentially complete across the entire system the main project focus is now on supplying reliable binary ports for release and developer branches, DRM (GPU) support and other UI elements to keep DragonFlyBSD relevant on workstations, and continuing Filesystem work on HAMMER2 to get multi-device and clustering going. Resuming ZFS send One of the amazing functionalities of ZFS is the possibility of sending a whole dataset from one place to another. This mechanism is amazing to create backups of your ZFS based machines. Although, there were some issues with this functionality for a long time when a user sent a big chunk of data. What if you would do that over the network and your connection has disappeared? What if your machine was rebooted as you are sending a snapshot? For a very long time, you didn't have any options - you had to send a snapshot from the beginning. Now, this limitation was already bad enough. However, another downside of this approach was that all the data which you already send was thrown away. Therefore, ZFS had to go over all this data and remove them from the dataset. Imagine the terabytes of data which you sent via the network was thrown away because as you were sending the last few bytes, the network went off. In this short post, I don't want to go over the whole ZFS snapshot infrastructure (if you think that such a post would be useful, please leave a comment). Now, to get back to the point, this infrastructure is used to clone the datasets. Some time ago a new feature called “Resuming ZFS send” was introduced. That means that if there was some problem with transmitting the dataset from one point to another you could resume it or throw them away. But the point is, that yes, you finally have a choice. News Roundup Realtime bandwidth terminal graph visualization If for some reasons you want to visualize your bandwidth traffic on an interface (in or out) in a terminal with a nice graph, here is a small script to do so, involving ttyplot, a nice software making graphics in a terminal. The following will works on OpenBSD. You can install ttyplot by pkg_add ttyplot as root, ttyplot package appeared since OpenBSD 6.5. fixing telnet fixes There’s a FreeBSD commit to telnet. fix a couple of snprintf() buffer overflows. It’s received a bit of attention for various reasons, telnet in 2019?, etc. I thought I’d take a look. Here’s a few random observations. The first line is indented with spaces while the others use tabs. The correct type for string length is size_t not unsigned int. sizeof(char) is always one. There’s no need to multiply by it. If you do need to multiply by a size, this is an unsafe pattern. Use calloc or something similar. (OpenBSD provides reallocarray to avoid zeroing cost of calloc.) Return value of malloc doesn’t need to be cast. In fact, should not be, lest you disguise a warning. Return value of malloc is not checked for NULL. No reason to cast cp to char * when passing to snprintf. It already is that type. And if it weren’t, what are you doing? The whole operation could be simplified by using asprintf. Although unlikely (probably impossible here, but more generally), adding the two source lengths together can overflow, resulting in truncation with an unchecked snprintf call. asprintf avoids this failure case. A Chapter from the FBI’s History with OpenBSD and an OpenSSH Vuln Earlier this year I FOIAed the FBI for details on allegations of backdoor installed in the IPSEC stack in 2010, originally discussed by OpenBSD devs (https://marc.info/?l=openbsd-tech&m=129236621626462 …) Today, I got an interesting but unexpected responsive record: Freedom of Information Act: FBI: OpenBSD GitHub Repo Beastie Bits “Sudo Mastery, 2nd Edition” open for tech review FreeBSD Journal: FreeBSD for Makers OpenBSD and NetBSD machines at Open Source Conference 2019 Nagoya FreeBSD 12.0: WINE Gaming Introduction to the Structure and Interpretation of TNF (The NetBSD Foundation) vBSDcon speakers announced Feedback/Questions Pat - NYCBug Aug 7th Tyler - SSH keys vs password Lars - Tor-Talk Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv Your browser does not support the HTML5 video tag.